Shodan
Vulnerabilities
Vulnerable Software
Videolan:  Security Vulnerabilities
CVE-2024-1580
An integer overflow in dav1d AV1 decoder that can occur when decoding videos with large frame size. This can lead to memory corruption within the AV1 decoder. We recommend upgrading past version 1.4.0 of dav1d.
CVSS Score
5.9
EPSS Score
0.003
Published
2024-02-19
CVE-2023-46814
A binary hijacking vulnerability exists within the VideoLAN VLC media player before 3.0.19 on Windows. The uninstaller attempts to execute code with elevated privileges out of a standard user writable location. Standard users may use this to gain arbitrary code execution as SYSTEM.
CVSS Score
7.8
EPSS Score
0.001
Published
2023-11-22
CVE-2023-47359
Videolan VLC prior to version 3.0.20 contains an incorrect offset read that leads to a Heap-Based Buffer Overflow in function GetPacket() and results in a memory corruption.
CVSS Score
9.8
EPSS Score
0.001
Published
2023-11-07
CVE-2023-47360
Videolan VLC prior to version 3.0.20 contains an Integer underflow that leads to an incorrect packet length.
CVSS Score
7.5
EPSS Score
0.001
Published
2023-11-07
CVE-2023-32570
VideoLAN dav1d before 1.2.0 has a thread_task.c race condition that can lead to an application crash, related to dav1d_decode_frame_exit.
CVSS Score
5.9
EPSS Score
0.001
Published
2023-05-10
CVE-2022-41325
An integer overflow in the VNC module in VideoLAN VLC Media Player through 3.0.17.4 allows attackers, by tricking a user into opening a crafted playlist or connecting to a rogue VNC server, to crash VLC or execute code under some conditions.
CVSS Score
7.8
EPSS Score
0.001
Published
2022-12-06
CVE-2021-25801
A buffer overflow vulnerability in the __Parse_indx component of VideoLAN VLC Media Player 3.0.11 allows attackers to cause an out-of-bounds read via a crafted .avi file.
CVSS Score
7.1
EPSS Score
0.026
Published
2021-07-26
CVE-2021-25802
A buffer overflow vulnerability in the AVI_ExtractSubtitle component of VideoLAN VLC Media Player 3.0.11 allows attackers to cause an out-of-bounds read via a crafted .avi file.
CVSS Score
7.1
EPSS Score
0.003
Published
2021-07-26
CVE-2021-25803
A buffer overflow vulnerability in the vlc_input_attachment_New component of VideoLAN VLC Media Player 3.0.11 allows attackers to cause an out-of-bounds read via a crafted .avi file.
CVSS Score
7.1
EPSS Score
0.003
Published
2021-07-26
CVE-2021-25804
A NULL-pointer dereference in "Open" in avi.c of VideoLAN VLC Media Player 3.0.11 can a denial of service (DOS) in the application.
CVSS Score
7.5
EPSS Score
0.01
Published
2021-07-26


Products
Pricing
Contact Us

Shodan ® - All rights reserved